Daily Archives: April 28, 2014

Microsoft rushes to fix browser after attacks; no fix for XP users

BOSTON (Reuters) – Microsoft Corp is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.

PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 and 25 percent of the world’s PCs still run Windows XP.

Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11. Those versions dominate desktop browsing, accounting for 55 percent of the PC browser market, according to tech research firm NetMarketShare.

Cybersecurity software maker FireEye Inc said that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed “Operation Clandestine Fox.”

FireEye, whose Mandiant division helps companies respond to cyber attacks, declined to name specific victims or identify the group of hackers, saying that an investigation into the matter is still active.

“It’s a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors,” FireEye spokesman Vitor De Souza said via email. “It’s unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering.”

He declined to elaborate, though he said one way to protect against them would be to switch to another browser.

Microsoft said in the advisory that the vulnerability could allow a hacker to take complete control of an affected system, then do things such as viewing changing, or deleting data, installing malicious programs, or creating accounts that would give hackers full user rights.

FireEye and Microsoft have not provided much information about the security flaw or the approach that hackers could use to figure out how to exploit it, said Aviv Raff, chief technology officer of cybersecurity firm Seculert.

Yet other groups of hackers are now racing to learn more about it so they can launch similar attacks before Microsoft prepares a security update, Raff said.

“Microsoft should move fast,” he said. “This will snowball.”

Still, he cautioned that Windows XP users will not benefit from that update since Microsoft has just halted support for that product.

The software maker said in a statement to Reuters that it advises Windows XP users to upgrade to one of two most recently versions of its operating system, Windows 7 or 8.

Enhanced by Zemanta
Advertisements

Bluefin submersible fails to find Boeing 777 on designated search area

Bluefin-21 submersible

SYDNEY, April 28

Bluefin-21 submersible has finished the exploration of the area, which was initially designated for it to search for missing Malaysian Boeing 777 and failed to find any objects of interest, according to representatives of the search coordination center that continues operating in Australia’s Perth.

Despite lack of results, the rescuers decided to continue using the submersible: at present, Bluefin-21 is making its 16th immersion and explores the bottom of neighboring sections.

On Sunday, there were no search operations involving planes and ships due to a strong storm in the ocean. On Monday, weather conditions improved, and it made possible to go on with the search operation. In the course of the day, nine planes and 12 ships will be monitoring a 54,920 square km area in some 1,670 km from Perth.

Vanished airliner

Boeing 777-200 of Malaysian Airlines was en route from Kuala Lumpur to Beijing March 7. It carried 227 passengers and 12 crewmembers onboard. Communication with the jet was interrupted nearly two hours after its departure from the Malaysian capital. Since then, there was no information about the missing airliner.

March 24, the air carrier issued a statement informing about the death of all people who were onboard of the missing plane.

According to experts, the search operation involving 26 countries may become the most expensive in aviation’s history. $44 million are already spent on the search, and the overall expenditures may reach several hundreds of millions of dollars.

Enhanced by Zemanta

Pro-Russian Forces in Ukraine Free One of 8 Detainees – NYTimes

A group of European military observers, detained since Friday, appeared before journalists in a news conference in Slovyansk on Sunday.

SLOVYANSK, Ukraine — The self-appointed mayor of this breakaway city in eastern Ukraine on Sunday displayed eight detained members of a European military observer mission and later released one for health reasons, but otherwise refused to discuss conditions under which the others might go free beyond mentioning a possible prisoner exchange.

In an afternoon of political theater, the de facto public authority here, Vyachislav Ponomaryov, had the detainees led into an auditorium by masked gunmen.

The observers, whom Mr. Ponomaryov has branded as spies, were escorted to seats once used by the city’s administrators. He then yielded the floor to the German officer leading the observers, Col. Axel Schneider, who held a long question-and-answer session with journalists.With erect posture, the colonel began by referring to himself and his team as “guests” under Mr. Ponomaryov’s “protection,” and said the team had suffered no violence at its captors’ hands since being seized on Friday.“We are not prisoners of war,” he said.

But the clearly coercive nature of the display here held the truth of the matter, which Colonel Schneider nodded to toward the end of the conference, saying, “I cannot go home on my free decision.”

He said the observers were performing a diplomatically accredited inspection in a rented bus when they were stopped at a checkpoint about two miles south of Slovyansk, the stronghold of the anti-Kiev armed militias in eastern Ukraine.

The team was held in a basement for one day and then moved on Saturday to better quarters, he said. The observer mission included seven military officers — three from Germany and one each from Czech Republic, Denmark, Poland and Sweden — and a German interpreter, along with five members of the Ukrainian military as escorts.

Colonel Schneider flatly rejected accusations that the observers were spies, and he dismissed claims that the team had carried ammunition and reconnaissance equipment.

His team’s mission, he said several times, had diplomatic status under the so-called Vienna Document 2011 of the Organization for Security and Cooperation in Europe, which allows member nations to invite military observers from other member states to observe internal security conditions.

“I have no overlap with any other action executed in this region,” he said. “It is forbidden.”

The detention of the team has led to intensive diplomatic activity seeking their release.

Germany’s foreign minister, Frank-Walter Steinmeier, condemned what he called the “public display” of the mission members on Sunday, which he said “scandalously violates every rule and standard.” And he called on Russia to use its influence over the separatists in Ukraine to ensure all of the captives would be released unharmed. “It is Russia’s duty to influence the separatists so that they release the members of the O.S.C.E. mission as quickly as possible,” Mr. Steinmeier said in a statement.

Russia’s representative to the security organization has publicly said that the team should be freed.

But Mr. Ponomaryov, who referred to members of the team as “prisoners of the situation,” said he has heard nothing directly from Russia. He gave no timetable for any decisions, but insisted that the observers had been and would be treated well.

“We understand that these are officers before us,” he said. “And as we are also servicemen, we are required to abide by the officers’ code of honor.”

At another moment, Mr. Ponomaryov said the display was intended in part to reassure the observers’ families that the men were in good health. And later in the day, he released one of the observers — a Swedish officer with diabetes, Maj. Thomas Johansson — for health reasons, according to a spokeswoman for Mr. Ponomaryov. (At the end of the conference, Major Johansson noted that he was not ill and had access to medicine during his captivity.)

As the news conference continued, Colonel Schneider gradually expanded on his descriptions of the teams’ circumstances, making clear that its members were detainees.

“Our presence here in Slovyansk is for sure a political instrument for the decision-makers here in the region, and the possibility to use it for negotiations,” he said. “And this is not a surprise.”

He added, “It is logical in the eyes of Mayor Ponomaryov that he can use us to present his positions.”

The antigovernment militias here and their supporters, who seek a referendum that will allow them self-rule, have noted that the interim authorities in Kiev, Ukraine’s capital, have arrested activists or officials on the antigovernment side.

But they have yet to make specific demands for any exchange, beyond Mr. Ponomaryov’s pointing out on Saturday that his own deputy has disappeared and could be in government custody.

The United States has opposed any exchange, and said the detainees should be freed unconditionally.

On Sunday, Mr. Ponomaryov, who was positioned two seats to the colonel’s right, occasionally checking a ringing cellphone, refused to answer questions about a resolution. He did reconfirm that he would consider a prisoner exchange.

When asked by journalists if he thought of the observers as human shields, he said he did not.

“This is nonsense,” he said. “Nonsense. If I gave the word that these people will remain safe, and I provide them capable security, then believe me, I will keep my word.”

Less clear was the status and prospects of five members of the Ukrainian military who had accompanied the observer team.

Colonel Schneider, and then later Major Johansson, said four of these Ukrainians had been held on the first day with the European team, but only two of them were moved with the European officers on Saturday. The conditions and whereabouts of the other three were unknown.

As the back-and-forth inside the sandbagged city administration building continued, a white sport utility vehicle bearing the markings of the O.S.C.E. pulled up outside. Several diplomats stepped out and were escorted into another section of the building by a gunman wearing a black mask.

Mr. Ponomaryov noted that the observers’ release would have to be discussed with diplomats.

“So that these officers feel certain — I told my guests, and I repeat it again — the conditions of their release will be specified with representatives of the O.S.C.E.,” he said. “It will be a separate topic.”

Several minutes after the diplomats arrived, Mr. Ponomaryov abruptly cut short the session and ordered journalists to leave, at one point shouting, “One! Two!” and preparing to shout “Three!” as if trying to compel disobedient children to comply.

The gunmen behind the sandbags led the journalists out into the bright afternoon light of the city’s main public square. There, behind a massive statue of Lenin, a Russian television journalist playfully petted a saddled pony as masked men came and went.

via Pro-Russian Forces in Ukraine Free One of 8 Detainees – NYTimes.com.

 

Enhanced by Zemanta

An Internet Censorship Law Right Out of ‘1984’

By Victor Davidoff

If there had been Internet when George Orwell wrote “1984,” the author would certainly have invented laws like the one passed in its second reading by the State Duma last week.

The law restricts the content of all blogs, including those on social networks, but it stipulates particular conditions for bloggers whose number of “daily readers” exceeds 3,000. In the best newspeak tradition, the law does not state how the number of daily readers will be determined, and no one knows how to do it — especially on social networks where the number of visits to a page is not public.

But the government has an easy way around this. Internet providers and the owners of social networks will be required to provide this information to the authorities so that bloggers can be entered into a special state registry, which will contain detailed information about them, such as phone numbers and home addresses.

This law places bloggers in a Catch-22 situation. On the one hand, they have all the responsibilities of a media organization. On the other hand, the law specifically forbids them from registering as a media outlet. A journalist has the right to make official inquiries to check facts, but bloggers do not. At the same time, however, bloggers are still required to somehow “certify the factuality of the information on their blogs.”

Anti-corruption bloggers like Alexei Navalny have been able to publish information about undeclared luxury properties in the U.S. and Europe owned by government officials. But that will stop, since the law prohibits publication of “information about citizens’ location, domicile, personal and family lives.”

That is not all that will be banned. The long list of prohibitions includes “publication of information intended to defame specific categories of citizens” based on characteristics including attitude toward religion, profession or political beliefs,” as well as publication of “extremist materials.”

To translate this from newspeak, you need to know how broadly “extremism” is understood by Russian courts. In 2009, the Tatarstan blogger Irek Murtazin was found guilty of “inciting hatred and hostility” toward the authorities among the population of Tatarstan. And the blogger Boris Stomakhin just received a 6 1/2 year sentence for justifying terrorism. If you think this was for a post praising Osama bin Laden, think again. It was for a post about the terrorist act that killed Emperor Alexander II in 1881, among other topics.

The real Orwellian touch is making bloggers responsible not only for the information in their posts, but also for the information in comments by other users.

The law, which will likely be passed, will instantly put Russia in first place for Internet censorship. Even China, which until recently was No. 1 in that category, will be far behind. This change at the top of the list reflects the two countries’ different approaches to the Internet. The Chinese leaders have a complex relationship with the World Wide Web, but they understand that it is a key factor in the country’s economic development. But Russian authorities’ understanding of the Internet is very different.

Their concept was expressed in short form by the country’s Big Brother-in-chief, President Vladimir Putin. At a news conference on Thursday he said: “The Internet emerged as a special operation of the CIA. And it has continued to be developed along these lines.”

Responding to Putin’s preference to block the transfer of information abroad, the new law introduces norms that will be catastrophic for Russia’s blogosphere. They require that all e-mail providers and social network owners store information about the users, their posts and e-mail communications on servers in Russia. And these providers will be required to give FSB operatives full access to monitor traffic — that is, to eavesdrop on users.

Russian Internet companies have already stated their negative opinion of the new law. “If there is excessive regulation of the Internet, which would require companies to apply for special licenses from state agencies to use their equipment and software, Russia will lose the Internet as a growth industry in our country,” said Dmitry Grishin, the CEO of Mail.ru in an interview to Rbc.ru.

Foreign companies have not yet given official commentary, but it is already clear that they cannot meet the law’s requirements. Besides the fact that building data centers in Russia is expensive and complicated, following this law would entail violating privacy laws in their home countries, which apply to their operations worldwide.

Anton Nosik, a prominent Internet analyst, thinks that the authorities will almost surely block Russians’ access to Facebook and Twitter after the law comes into effect on Aug. 1. Nosik believes that this “would be the logical progression in Russian legislation on censorship, which is largely aimed at limiting uncontrolled discussions and criticism of the authorities.”

If Nosik’s prediction comes true, users will have to laugh at the bitter joke by popular micro-blogger Arseny Bobrovsky, aka @KermlinRussia: “The Russian Internet is 20 years old. What a shame to die so young.”

Enhanced by Zemanta

In Lugansk, federalization supporters proclaim creation of a “people’s republic”

They demand “an amnesty for all participants in the protest movent in Ukraine’s east, recognition of the Russian language as a state one, and the holding of a referendum on matters concerning self-determination of the region”

DONETSK, April 28. ITAR-TASS.

In Lugansk, federalization supporters at a meeting on Sunday proclaimed the establishment of a “Lugansk People’s Republic”, Ukraine’s radio “Freedom” reports.

In that city, where a joint headquarters of the country’s South-East was established several days ago to coordinate the work of other headquarters in other districts, federalism supporters delivered an ultimatum to the Kiev authorities on Sunday.

In particular, the protesters demand “an amnesty for all participants in the protest movent in Ukraine’s east, recognition of the Russian language as a state one, and the holding of a referendum on matters concerning self-determination of the region”.

If their demands are not met by April 29, they promise “to move on to energetic actions”.

Enhanced by Zemanta

MI5’s hiring: British Secret Service is looking for intel experts on Russia

The MI5 headquarters in central London

The UK’s MI5 has decided to beef up its team with more experts on Russia amid the ongoing political crisis in Ukraine. It is now hiring Russian intelligence analysts to monitor intercepted phone calls and e-mails.

According to The TimesDavid Leppard, the British Secret Service is advertising the positions in this week’s newspapers. It can also be easily found on MI5’s official website.

Successful applicants will be tasked with listening to telephone calls in Russian, working with written documents “intercepted under warrant” and providing expert support to investigative officers.

The fluent Russian speakers will be giving “clear analysis in a variety of ways” that, MI5 says, will “help safeguard national security.”

“Your work will enable us to take a well-informed view of potential threats to national security, including terrorism and espionage,” the job description reads.

MI5’s Russian intelligence analysts will be also cooperating with the Secret Intelligence Service (SIS, or MI6) and the Government Communications Headquarters (GCHQ).

Those who get the job will be paid £30,000 ($50,000) a year.

Aside from fluent Russian, British citizenship or residency is also a must.

MI5’s recruitment comes amid growing tensions between the West and Russia over the political crisis in Ukraine, a former republic of the Soviet Union. While the two sides agree on the necessity of de-escalation of the situation in Ukraine, there is still no agreement on approaches.

While the West is accusing Moscow of attempts to undermine sovereignty of the country, Russia is blaming the US and its European allies for fueling Maidan protests and supporting the coup-appointed Kiev government.

Enhanced by Zemanta